Compass is a central, multi-tenant system that allows you to connect Applications and manage them across multiple Kyma Runtimes. Using Compass, you can control and monitor your Application landscape in one central place. As an integral part of Kyma, Compass uses a set of features that Kyma provides, such as Istio, Prometheus and Monitoring. It also includes Compass UI Cockpit that exposes Compass APIs to users. Compass allows you to:
- Connect and manage Applications and Kyma Runtimes in one central place
- Store Applications and Runtimes configurations
- Group Applications and Runtimes to enable integration
- Communicate the configuration changes to Applications and Runtimes
- Establish a trusted connection between Applications and Runtimes using various authentication methods
Compass by design does not participate in direct communication between Applications and Runtimes. It only sets up the connection. In case the cluster with Compass is down, the Applications and Runtimes cooperation still works.
For more information about the Compass architecture, technical details, and components, read the project documentation.
Install Compass locally or on a cluster. See the installation document for details.
Compass depends on Kyma.
For installation and CI integration jobs, a fixed Kyma version is used, which can be checked at ./installation/resources/KYMA_VERSION
.
Compass uses Octopus for testing both locally and on a cluster. To run the Compass tests, use this script:
./installation/scripts/testing.sh
Currently, the Compass Gateway is accessible under three different hosts secured with different authentication methods:
https://compass-gateway.{domain}
- secured with JWT token issued by an identity servicehttps://compass-gateway-mtls.{domain}
- secured with client certificates (mTLS)https://compass-gateway-auth-oauth.{domain}
- secured with OAuth 2.0 access token issued by Hydra
You can access Director GraphQL API under the /director/graphql
endpoint, and Connector GraphQL API under /connector/graphql
.
To access Connectivity Adapter, use the https://adapter-gateway.{DOMAIN}
host secured with one-time tokens or https://adapter-gateway-mtls.{DOMAIN}
secured with client certificates (mTLS).